Chill-project/chill-bundles
6
0
Fork 0
mirror of https://gitlab.com/Chill-Projet/chill-bundles.git synced 2025-08-20 14:43:49 +00:00
Code Issues Actions Projects Releases Wiki Activity

Attempt to make voter work

Browse Source
This commit is contained in:
Julie Lenaerts
2022-02-23 18:07:54 +01:00
parent de0be15fff
commit 7067d4b5bd
4 changed files with 26 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

33
src/Bundle/ChillBudgetBundle/Security/Authorization/BudgetElementVoter.php
View File

@@ -15,9 +15,11 @@ use Chill\BudgetBundle\Entity\AbstractElement;
use Chill\MainBundle\Entity\User;
use Chill\MainBundle\Security\Authorization\AbstractChillVoter;
use Chill\MainBundle\Security\Authorization\AuthorizationHelper;
use Chill\MainBundle\Security\Authorization\VoterHelperFactoryInterface;
use Chill\MainBundle\Security\Authorization\VoterHelperInterface;
use Chill\MainBundle\Security\ProvideRoleHierarchyInterface;
use Chill\PersonBundle\Entity\Person;
use Symfony\Component\Security\Core\Role\Role;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use function in_array;
@@ -30,22 +32,24 @@ class BudgetElementVoter extends AbstractChillVoter implements ProvideRoleHierar
public const ROLES = [
self::CREATE,
self::DELETE,
self::SHOW,
self::SEE,
self::UPDATE,
];
public const SHOW = 'CHILL_BUDGET_ELEMENT_SHOW';
public const SEE = 'CHILL_BUDGET_ELEMENT_SEE';
public const UPDATE = 'CHILL_BUDGET_ELEMENT_UPDATE';
/**
* @var AuthorizationHelper
*/
protected $authorizationHelper;
protected VoterHelperInterface $voter;
public function __construct(AuthorizationHelper $authorizationHelper)
public function __construct(VoterHelperFactoryInterface $voterFactory)
{
$this->authorizationHelper = $authorizationHelper;
$this->voter = $voterFactory
->generate(self::class)
->addCheckFor(AbstractElement::class, self::ROLES)
->addCheckFor(null, [self::CREATE])
->build();
}
public function getRoles(): array
@@ -66,18 +70,13 @@ class BudgetElementVoter extends AbstractChillVoter implements ProvideRoleHierar
protected function supports($attribute, $subject)
{
return (in_array($attribute, self::ROLES, true) && $subject instanceof AbstractElement)
|| ($subject instanceof Person && in_array($attribute, [self::SHOW, self::CREATE], true));
|| ($subject instanceof Person && in_array($attribute, [self::SEE, self::CREATE], true));
}
protected function voteOnAttribute($attribute, $subject, \Symfony\Component\Security\Core\Authentication\Token\TokenInterface $token)
protected function voteOnAttribute($attribute, $subject, TokenInterface $token)
{
$user = $token->getUser();
if (false === $user instanceof User) {
return false;
}
return $this->voter->voteOnAttribute($attribute, $subject, $token);
return $this->authorizationHelper
->userHasAccess($user, $subject, new Role($attribute));
}
}